Salt Typhoon Exploits Flaws in Edge Network Devices to Breach 600 Organizations Worldwide

The China-linked advanced persistent threat APT actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. "While these actors focus on larg...

PT-2025-32147 · Undefined · Undefined

CISA adds three D-Link router flaws to KEV due to active exploitation, including remote password disclosure and command injection from 2020-2022. Firmware fixes exist, but CVE-2020-40799 remains unpatched. RouterSecurity US Vulnerabilities https://t.co/1UBwSWW1hk...

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders DVRs and Four-Faith routers to rope the devices into a new botnet called RondoDox. The vulnerabilities in question include CVE-2024-3721, a medium-severity command...

FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks

Mirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks...

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials...

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a set of eight flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link device...

U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage

U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service DDoS attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime...

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service DDoS attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime...

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco has warned of two security vulnerabilities affecting end-of-life EoL Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept PoC exploit. The issues are rooted in the router's web-based...

CVE-2022-20910

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

News Wrap: Amazon Ring Risks, Stalkerware, and D-Link Router Flaws

Threatpost news editors break down the top stories of the week, including: The Coalition Against Stalkerware launched this week, with the aim of offering a centralized location for helping victims of stalkerware, as well as defining what stalkerware is in the first place. Five U.S. Senators are...

Researcher Reveals Multiple Flaws in Verizon Fios Routers — PoC Released

A cybersecurity researcher at Tenable has discovered multiple security vulnerabilities in Verizon Fios Quantum Gateway Wi-Fi routers that could allow remote attackers to take complete control over the affected routers, exposing every other device connected to it. Currently used by millions of...

The vulnerability of the microprogrammed Wi-Fi router STATION L-02F, related to deficiencies in access control, allows a hacker to gain access to the device with administrator privileges and execute arbitrary commands.

The vulnerability of the microprogrammed Wi-Fi router STATION L-02F is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain access to the device with administrator privileges and execute arbitrary commands...